Author: claudiuslam

CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

This month we have invited Mr Jeffrey Lau, Platform Lead of Ribose to deliver a talk entitled “Management of SaaS-specific risks”.

TOPIC:

SaaS providers have exploded in numbers in recent years. Practically every organization today has adopted SaaS services in one way or another. However, given the ease of adoption, coupled with a consumer-driven and instant gratification mindset, organizations often onboard SaaS services without necessary precaution and scrutiny.

By nature of the cloud, SaaS services are subject to much greater threats than traditional IT. Without proper management of SaaS risks, SaaS services can easily become the weakest link in your organization, potentially endangering organization survival. In this session, we will enumerate risks and mitigation measures of adopting SaaS services from the cloud customer’s perspective to help protect your organization from SaaS-specific threats.

Presented by Jeffrey Lau, co-lead of the privacy practice at Ribose and member of CSA’s SaaS Governance workgroup, this session explains the notion of SaaS-specific risks including privacy risks, and best practices in managing them in this age of uncertainty.

THE SPEAKER

Jeffrey is Ribose’s Platform Lead, responsible for service-wide improvements of the Ribose secure collaboration platform. With a decade of software engineering experience, he holds bachelors and masters degrees in Computer Science from the University of Cambridge. He is passionate in protecting individual privacy rights, particularly on the privacy impact of technology as well as methods to mitigate them through technology. Jeffrey is a part of the CSA SaaS Governance and Internet of Things working groups, serves technical committees at the OpenID Foundation and is a lead auditor in information security management systems (ISO/IEC 27001), IT service management (ISO/IEC 20000-1) as well as business continuity management systems (ISO 22301).

Please do not miss this opportunity to learn from the expert and get connected with your peers.

In this seminar, information security experts will introduce related security best practices and share their experience on how to protect information systems and assets, so that everyone can continue to enjoy the advantages of electronic and online transactions as well as the convenience and fun brought about by technology. Details are:

The Cloud Security High-Level Forum and Cloud Security Alliance Greater China Region Summit 2016 will be held in Beijing on October 25, 2016.

With a theme of “Shape the Cloud, Secure the Dragon”, the conference is co-hosted by CSA GCR and the Cyber Security Association of China. It will invite government officials, influential IT and security experts and scholars to discuss the importance of security strategies for cloud computing.